Over the past decade, enterprise data privacy has undergone a monumental shift in focus and motivation. Data privacy was originally driven by an organization’s ethical commitment to protecting information about customers and third parties and organizations were largely left to their own devices to develop a set of sound privacy controls that adequately safeguarded sensitive information about individuals. After a series of high profile data privacy breaches, government and regulators have stepped in and created a series of mandates that strictly regulate how organizations may handle a variety of sensitive information. In this tip, we examine the legal and regulatory environment surrounding data privacy in the United States as well as offer some advice on building a privacy framework that facilitates compliance with these obligations.

Read more: An enterprise data privacy compliance primer

Published February 2014 on SearchSecurity.com